Just received blackmail/scam attempt email. Wat do?

Associate
Joined
10 Apr 2008
Posts
2,487
So I just opened my email to find a blackmail/scam email from someone demanding $3000 in Bitcoin. I suspect this is just someone trying their luck, but there are a few worrying things. Here are the key details:

*The scammer doesn't seem to know my actual name, but he clearly does have my username, password and email address. It's not the username I use here. In fact I can't remember where it's from because it's not one I use often, although I have used it in the past. And I have used the password before as well.
*The scam is basically that they supposedly installed some malware via a porn video I watched/downloaded (the language they use is quite vague) which supposedly granted them remote desktop access and access to my webcam, and installed a keylogger. The email says they're going to send a video of my webcam and me watching porn to all my contacts unless I pay within 24 hours blah, blah, blah... I would suspect this is ******** anyway, but I don't even have a webcam and I haven't downloaded any porn in probably a decade. Not gonna like I do occasionally go to Pornhub though :D

Anyway, I'm posting this here mainly just to ask for advice. I'm using my other half's laptop to type this, and I'm gonna use it to change my personal and work email, Facebook, Twitter, online banking and any other passwords I can think of. I've also ran a scan on my laptop using Windows Defender, but I'm wondering if there's anything else it would be wise to do? Any advice?

I suspect this is just some **** who got access to some ancient forum's email database and is sending out these emails on a mass basis, but obviously I want to be cautious. Should I be scanning for spyware with Spybot or something like that? I've been lucky with viruses/malware in that I haven't had any problems in years, so a bit out of the loop.
 
Associate
Joined
15 Jun 2009
Posts
2,494
suspect this is just some **** who got access to some ancient forum's email database and is sending out these emails on a mass basis
Nothing more than this imo.

Check Haveibeenpwned.com and you might be able to pinpoint where they got your details from.

No harm in scanning for malware with Malwarebytes though but I'd say just ignore the email.
 
Associate
OP
Joined
10 Apr 2008
Posts
2,487
Just checked haveibeenpwned.com and it says my email was compromised on three separate occasions. I've had this email for over a decade, so not surprised.
 
Soldato
Joined
1 Mar 2010
Posts
21,783
I've also ran a scan on my laptop using Windows Defender,
think i would be scanning with bit defender say, or one of the linux based tools ...I did not know defender was up to spotting root kits etc.

I guess you got no google hits on the text used in the ransom demand ?
 
Associate
OP
Joined
10 Apr 2008
Posts
2,487
think i would be scanning with bit defender say, or one of the linux based tools ...I did not know defender was up to spotting root kits etc.

I guess you got no google hits on the text used in the ransom demand ?

I've just scanned with Malwarebytes. No problems found.

No hits on the text used in the demand.
 
Man of Honour
Joined
13 Oct 2006
Posts
90,821
Almost certainly some of your details have been leaked or guessed due to some of the vulnerabilities, etc. like heartbleed and breaches at certain retailers and websites and they are just chancing it that having a little valid info you will panic and assume they have the rest - it has almost worked on you so certainly is going to work against some people.

One thing that seems to be underestimated is how much data has been gathered off the back of things like heartbleed which is mostly huge amounts of garbage with bits and pieces of useable details randomly in amongst it that over time is being filtered or sorted out of the data via various processes.
 
Associate
OP
Joined
10 Apr 2008
Posts
2,487
I wouldn't say it's almost worked on me. Been around here long enough to know about most types of scam. I just wanted to see if there were any precautions worth taking.
 
Man of Honour
Joined
13 Oct 2006
Posts
90,821
Windows Defender also gives fairly good protection/detection of stuff like this - if they have managed to get something onto your system these kind of attempts usually use fairly crude "off the shelf" malware that are easily detected - someone going to the trouble of something more sophisticated either really has it in for you personally or is going after something much bigger than trying to extort money off an individual.
 
Associate
OP
Joined
10 Apr 2008
Posts
2,487

Yep. I would bet money it's the same guy/group. The wording is slightly different, but so many of the incidental details are the same as this one:

Good day.

If you were more scrutiny while playing with yourself, I wouldn\’t write dis message. I don\’t think that playing with yourself is very awful, but when all colleagues, relatives and friends get video of it- it is unpleasant for u.

I adjusted malisious soft on a web-site for adults (with porn) which was visited by you. When the object tap on a play button, device begins recording the screen and all cameras on ur device begins working.

Moreover, soft makes a dedicated desktop supplied with keylogger function from the system , so I was able to save all contacts from ur e-mail, messengers and other social networks. I\’ve chosen dis e-mail because It\’s your working address, so you must read it.

I think that 350 usd is pretty enough for this little misstep. I made a split screen vid(records from screen (u have interesting tastes ) and camera ohh… its funny AF)

So its your choice, if u want me to erase ur disgrace use my bitсоin wаllet аddrеss: 1CvwXG7AMgunAHqU8UVvAQkpEAS3VsVtnU

You have one day after opening my message, I put the special tracking pixel in it, so when you will open it I will see.If ya want me to show u the proofs, reply on this letter and I will send my creation to five contacts that I\’ve got from ur contacts.

P.S. You are able to complain to police, but I don\’t think that they can solve ur problem, the investigation will last for one year- I\’m from Ukraine – so I dgf lmao
 
Soldato
Joined
13 Mar 2007
Posts
13,443
Location
South Yorkshire
It's a generic scam, last week they started sending a new wave of this one out, several of our customers rang asking us about it, 1) you can't / don't watch porn at work 2) none of them had webcams 3) the broken english gives it away.
 
Associate
Joined
19 Jul 2011
Posts
2,343
I wouldn't say it's almost worked on me. Been around here long enough to know about most types of scam. I just wanted to see if there were any precautions worth taking.

If its the same spam **** I got recently, claiming to have recorded "My enjoyment of said entertainment sites", stick some black tape over your webcam.
Or wear a bag on your head :)
 
Soldato
Joined
1 Mar 2010
Posts
21,783
Will gmail or others filter/tag these kind of emails ? ... would be good for older relations



The same web-site listed a current Fake BT phishing email
https://myonlinesecurity.co.uk/fake...empοrary-suspensiοn-of-your-service-phishing/
the email language use is a bit to autocratic ... but pretty good

It surprises me organisations that unecessarily send out pdf invoice attachments ... thinking of John Lewis here ... they should just embed data too.
 
Associate
Joined
26 Jul 2008
Posts
2,064
Location
Cowley, Middx
So I just opened my email to find a blackmail/scam email from someone demanding $3000 in Bitcoin. I suspect this is just someone trying their luck, but there are a few worrying things. Here are the key details:

*The scammer doesn't seem to know my actual name, but he clearly does have my username, password and email address. It's not the username I use here. In fact I can't remember where it's from because it's not one I use often, although I have used it in the past. And I have used the password before as well.
*The scam is basically that they supposedly installed some malware via a porn video I watched/downloaded (the language they use is quite vague) which supposedly granted them remote desktop access and access to my webcam, and installed a keylogger. The email says they're going to send a video of my webcam and me watching porn to all my contacts unless I pay within 24 hours blah, blah, blah... I would suspect this is ******** anyway, but I don't even have a webcam and I haven't downloaded any porn in probably a decade. Not gonna like I do occasionally go to Pornhub though :D

Anyway, I'm posting this here mainly just to ask for advice. I'm using my other half's laptop to type this, and I'm gonna use it to change my personal and work email, Facebook, Twitter, online banking and any other passwords I can think of. I've also ran a scan on my laptop using Windows Defender, but I'm wondering if there's anything else it would be wise to do? Any advice?

I suspect this is just some **** who got access to some ancient forum's email database and is sending out these emails on a mass basis, but obviously I want to be cautious. Should I be scanning for spyware with Spybot or something like that? I've been lucky with viruses/malware in that I haven't had any problems in years, so a bit out of the loop.
I had a similar threat, and I suspect I know which certain adult site had it's database (which isn't pornhub) breached and I also suspect that this is an empty threat since like you I have no webcam so anything that it stated afterwards is complete nonsense even though I have changed some passwords on a system with a clean install, but this threat is just from some scumbag trying their luck.
 
Soldato
Joined
1 Mar 2010
Posts
21,783
nonetheless - if they had access to your contacts and could send emails purporting to be from you that could be a problem ?
 
Back
Top Bottom